1) simply setting a field to read-only in a custom script on the Signed tab of a signature field by:
this.getField("field name").readonly = true;
2) including the field in the "Mark as read-only: " list of fields on the Signed tab of a signature field
and, 3) including the field in a call to the setLock() method of a signature field?
As far as I can tell there isn't, but am I missing something? And if they are all the same, then since setLock() must execute in a priviledged context, it seems the harder way to get a read-only field.